Lucene search

[email protected]CVE-2006-4778

HistorySep 14, 2006 - 10:07 a.m.

CVE-2006-4778

2006-09-1410:07:00

[email protected]

web.nvd.nist.gov

cve

2006

4778

sql injection

creative commons tools

cchost

remote attackers

arbitrary commands

crafted url

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.4%

JSON

SQL injection vulnerability in Creative Commons Tools ccHost before 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URL, which is used to populate the file ID. NOTE: Some details are obtained from third party information.

Affected configurations

NVD

Node

cchostcchostRange≤2.9

CPENameOperatorVersion
cchost:cchostcchostle2.9

CPE	Name	Operator	Version
cchost:cchost	cchost	le	2.9

References

secunia.com/advisories/21822

sourceforge.net/project/shownotes.php?release_id=445818&group_id=80503

www.securityfocus.com/bid/19978

www.vupen.com/english/advisories/2006/3567

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.4%

JSON

Related for CVE-2006-4778

cvelist1 nvd1